2025-04-25
Malwarebytes
AI is getting “creepy good” at geo-guessing
Schneier on Security
Friday Squid Blogging: Squid Facts on Your Phone
Schneier on Security
Cryptocurrency Thefts Get Physical
Google Safety & Security
4 ways Google is combatting scams in Asia Pacific
Dark Reading
Mobile Applications: A Cesspool of Security Issues
Dark Reading
Vehicles Face 45% More Attacks, 4 Times More Hackers
Dark Reading
Phishing Kit Darcula Gets Lethal AI Upgrade
Atredis Partners
3D Printing Flying Probe Test Harnesses: Can you?
Ars Technica Security
FBI offers $10 million for information about Salt Typhoon members
Palo Alto Networks
Deliver Exceptional User Experience with ADEM Now Available on NGFW
ReversingLabs
What is the xBOM?
ReversingLabs
Secure Your AI Supply Chain with the ML-BOM
Searchlight Cyber
4chan Forum Hacked and Internal Data Leaked
2025-04-24
Malwarebytes
Zoom attack tricks victims into allowing remote access to install malware and steal money
Malwarebytes
4.7 million customers’ data accidentally leaked to Google by Blue Shield of California
Talos Intelligence
Lessons from Ted Lasso for cybersecurity success
Microsoft Security
New whitepaper outlines the taxonomy of failure modes in AI agents
Okta Security
How AI services power the DPRK’s IT contracting scams
Project Black
Code Assisted Penetration Testing
Schneier on Security
New Linux Rootkit
Datadog HQ
Monitor Temporal Cloud with Datadog
Elastic Security Labs
Now available: the 2025 State of Detection Engineering at Elastic
watchTowr Labs
Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)
Dark Reading
Max-Severity Commvault Bug Alarms Researchers
Dark Reading
FBI: Cybercrime Losses Rocket to $16.6B in 2024
Dark Reading
Navigating Regulatory Shifts & AI Risks
The Citizen Lab
The Real Lesson of SignalGate: A Surveillance Arms Race Has Poked a Gaping Hole in National Security
The Citizen Lab
Ron Deibert on CBC Ideas: Spyware Abusers Can Easily Hack Your Phone and Surveil You
Bishop Fox Security
SonicWall Sonicos Versions 7.1.x and 8.0.x
Ars Technica Security
New Android spyware is targeting Russian military personnel on the front lines
Palo Alto Networks
Bruce Byrd on Public-Private Partnerships in Cybersecurity
2025-04-23
Talos Intelligence
Introducing ToyMaker, an initial access broker working in cahoots with double extortion gangs
Microsoft Security
Understanding the threat landscape for Kubernetes and containerized assets
Project Black
Nessus Reporting Customisation & Analysis
Schneier on Security
Regulating AI Behavior with a Hypervisor
Datadog HQ
Datadog acquires Metaplane
Trail of Bits
How MCP servers can steal your conversation history
Dark Reading
Ransomware Gangs Innovate With New Affiliate Models
Dark Reading
Attackers Capitalize on Mistakes to Target Schools
Dark Reading
Kubernetes Pods Are Inheriting Too Many Permissions
Dark Reading
The Foundations of a Resilient Cyber Workforce
Dark Reading
Verizon: Edge Bugs Soar, Ransoms Lag, SMBs Bedeviled
Offensive Security
CVE-2025-32433: Vulnerability in Erlang/OTP SSH Implementation
Krebs on Security
DOGE Worker’s Code Supports NLRB Whistleblower
Searchlight Cyber
A New Era of Attack Surface Management Roles in Cybersecurity
2025-04-22
Malwarebytes
All Gmail users at risk from clever replay attack
Talos Intelligence
Year in Review: Attacks on identity and MFA
Kevin Beaumont
Microsoft’s patch for CVE-2025–21204 symlink vulnerability introduces another symlink vulnerability
Amazon Security
AWS empowers global security culture at Wicked6 Cyber Games
Troy Hunt
Weekly Update 448
Schneier on Security
Android Improves Its Security
Dark Reading
City of Abilene Goes Offline in Wake of Cyberattack
Dark Reading
3 More Healthcare Orgs Hit by Ransomware Attacks
Dark Reading
'Cookie Bite' Entra ID Attack Exposes Microsoft 365
Dark Reading
DeepSeek Breach Opens Floodgates to Dark Web
Krebs on Security
Whistleblower: DOGE Siphoned NLRB Case Data
2025-04-21
Malwarebytes
A week in security (April 12 – April 18)
Microsoft Security
Securing our future: April 2025 progress report on Microsoft’s Secure Future Initiative
SpiderLabs
Agent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks
Trail of Bits
Kicking off AIxCC’s Finals with Buttercup
Dark Reading
'Fog' Hackers Troll Victims With DOGE Ransom Notes
Dark Reading
Nation-State Threats Put SMBs in Their Sights